General

  • Target

    5f086e863e8c615df11356dd2f35df2d4111bf79591de64db6cb81fa6f04e958

  • Size

    49KB

  • Sample

    240419-wz5y5sbh56

  • MD5

    40d28f64abd7b61bdbd65b2354bb8ac1

  • SHA1

    26874d7f6826b930f681a2d886d9e3b5224181b8

  • SHA256

    5f086e863e8c615df11356dd2f35df2d4111bf79591de64db6cb81fa6f04e958

  • SHA512

    e6df4936f7d8a2c23149725683d81d110c2bb791d63b023e9b8310cdc28ef3a542cd457db679eb9e5fb5f594e093a23055c68bd3830581bd68f67e93e6b9e73a

  • SSDEEP

    768:EloQpctinbjm0MRFpzl033SqFbMsGNOXgTrBdWebJGIFuK/q2sSqDYDmLEsnk+yw:Em+giPsc3SJsGug5FNFb/qv1/hcdM

Score
8/10

Targets

    • Target

      d0738cea958412981be86082e38d44fb32696c319df92d21942b7bf22afa0055

    • Size

      88KB

    • MD5

      6aeb9132bba916f4056093efd21137ac

    • SHA1

      437bfbc610896b14b7f88f0bd0bec6de4a36f4a4

    • SHA256

      d0738cea958412981be86082e38d44fb32696c319df92d21942b7bf22afa0055

    • SHA512

      cd79f6ee903f749f2ce62f3cdb9416fff2ca58c218a70e293c1e8fdfd7622b01d9959ba7316f33d53e2714df25d1c7142d14c989d7def2aeccf9c3f8d77ae262

    • SSDEEP

      1536:j7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfzxjOC:/q6+ouCpk2mpcWJ0r+QNTBfzL

    Score
    8/10
    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext
